Blog
/
Zero Trust Segmentation

9 Reasons Why Healthcare Providers Should Implement Zero Trust Segmentation

Trevor Dearing
Industry Solutions Marketing Director
December 14, 2022
23 min. read

Ransomware attacks on healthcare increased by over 300 percent in the first half of 2022 alone.

Because of this, many healthcare providers are becoming interested in microsegmentation, also called Zero Trust Segmentation (ZTS).

Unlike traditional prevention and detection technologies, ZTS contains the spread of breaches and ransomware across the hybrid attack surface by continually visualizing how workloads and devices are communicating, creating granular policies that only allow wanted and necessary communication, and automatically isolating breaches by restricting lateral movement proactively or during an active attack.

ZTS is a foundational and strategic pillar of any Zero Trust architecture and one that especially benefits organizations that have increased cyber risk simply for being in the healthcare industry.

Watch this video to learn the top 3 ways ZTS solves healthcare security challenges:


Keep reading to learn the 9 reasons why healthcare providers should implement ZTS from Illumio.

1. Maintain services while under attack

The highest priority for any healthcare provider must be patients. If a cyberattack results in degraded patient care, then that is a major issue, especially if it results in loss of life.

The ransomware gangs know this — and that makes healthcare a prime target. Organizations must assume that they will be attacked at any time and plan accordingly. They need to be able to create an environment where services can continue to be delivered even while under attack.

Illumio ZTS contains an attack to prevent it from spreading from the original point of attack to high-value critical assets.

Get the details on how ZTS for healthcare organizations in this in-depth guide.

2. Protect patients and patient records

Not being able to access patient records can impact the safety of patients. Ransomware attacks on healthcare organizations oftentimes make data like patient records inaccessible for days, if not weeks. This could have disastrous consequences.

Ringfencing electronic health record (EHR) applications and data means that only verified staff and systems — not bad actors — can access that data.

ZTS controls who and how records are accessed. By adopting the approach of least-privilege access, attacks like ransomware are prevented from spreading to the high-value and critical assets like patient records.

3. Meet local compliance requirements

All healthcare providers are subject to some form of local cybersecurity regulation covering privacy and availability. Most of these will define the requirement to be able to isolate devices and data.

In many countries, not meeting the local requirements means that organization is prevented from operating.

Separating data and traffic based on function and risk puts the barriers in place to prevent unauthorized systems and functions from connecting. This in turn prevents a breach from reaching critical services.

4. Provide a single view of connections between all systems across IT and medical OT environments

Healthcare is more and more connected.

Information is now required to be accessed from more locations. This increases the volume and variety of devices connected to the network including, infusion pumps, ventilators, and scanners. This not only exposes those devices to infection from the IT system, but each can come with their own vulnerabilities.

Illumio provides the capability to map the interdependencies between devices on both sides of IT and OT. Using this information, it is simpler to apply the appropriate security policies to properly segment the network.

Learn how Illumio partners with Cylera to offer security for IT, OT and IoT healthcare applications, data and devices here.

5. Secure the migration of applications to the cloud

To gain the benefits of moving applications and data to the cloud, it is important to be able to maintain the same security levels. With some older versions of Windows going to End of Support, lifting those workloads and running them in the cloud makes sense. Doing this means that existing network-based security controls disappear.

By using ZTS that is independent of the infrastructure, workloads can be moved to the cloud and keep the existing security policies and controls.

6. Mitigate the threat to unpatchable and unpatched systems

It is often difficult to manage the complex process of patching systems.

There are so many patches that need to be applied on a daily basis to a huge variety of different systems. Most organizations have developed a well-defined process that identifies, tests, and applies patches.

However, there are 3 major challenges security teams face when trying to get vulnerabilities patched:

Patches cannot be done instantly, and so there will be a lag between the release of a patch and its installation.

It can take time to generate a patch for vulnerabilities after they're discovered.

Some devices are not supported anymore and so cannot be patched.

The risk to unpatched devices can be mitigated by using Illumio to restrict the exposure of individual systems. This means the network is still protected even when patches cannot or still need to be applied.

7. Automated incident response to ransomware

It is important to define a plan in event of a ransomware attack. The NotPetya and WannaCry attacks showed just how difficult it can be for endpoint protection systems to detect and respond to a live attach.

The fastest and most effective response is to contain the breach by stopping the method of communication that the ransomware is using to spread through the network.

Illumio ZTS can instantly stop the propagation of ransomware by locking down the ports that the attack will use to spread.

8. Simple deployment of security policies

Cybersecurity in the healthcare environment is often built into many processes and systems. The diversity of the environment can lead to an over-complex infrastructure. This can make the effort of delivering a secure service very difficult — and often organizations don't have the staff or budget to meet this need.

Illumio makes the deployment of security policies easier. By providing an easy-to-read map showing communication between workloads and devices, it is simple to design and provision the appropriate rules.

9. Simple scalability

The pandemic changed the way that health services are delivered.

Subsequently, the increase in remote diagnostics, online triage, and telemedicine require a change to the ways IT services support them.

It is much easier to scale equipment than doctors, so the deployment of computerised tomography (CT) and ultrasound scans, X-rays, and phlebotomy to remote locations helps health systems scale. These systems still need connectivity to the hospital network and records systems.

While the remote connection may be via SASE their still needs to be control over the connectivity to the applications and systems back at the hospital. ZTS can be deployed independent of location to provide the same protection against the spread of an attack.

Ready to learn more about Illumio ZTS? Contact us for a consultation and demo today.

Related topics

No items found.

Related articles

U.S. Cybersecurity Strategy, Healthcare Breaches, and Illumio Market Momentum
Zero Trust Segmentation

U.S. Cybersecurity Strategy, Healthcare Breaches, and Illumio Market Momentum

Get a summary of Illumio's news coverage from March 2023.

Read more
Gerald Caron Shares 5 Zero Trust Insights for Federal Agencies
Zero Trust Segmentation

Gerald Caron Shares 5 Zero Trust Insights for Federal Agencies

Gerald Caron, former CIO at the U.S. Dept. of Health and Human Services, discusses Zero Trust insights and implementing cybersecurity at government agencies.

Read more
Network Security is Not Workload Security
Zero Trust Segmentation

Network Security is Not Workload Security

There are distinct differences between network security and network-based solutions and workload security and solutions like micro-segmentation.

Read more
Zero Trust Is Now a Healthcare Must: HIMSS 2022 Takeaways
Zero Trust Segmentation

Zero Trust Is Now a Healthcare Must: HIMSS 2022 Takeaways

The overriding cybersecurity message at HIMSS 2022 was that Zero Trust Is now a healthcare must.

Read more
Expert Q&A: How Can Healthcare Prepare for Increasing Cyber Threats?
Zero Trust Segmentation

Expert Q&A: How Can Healthcare Prepare for Increasing Cyber Threats?

Get insight into what steps your healthcare organization can take to be cyber resilient from this Q&A with Illumio's Trevor Dearing.

Read more
Illumio Zero Trust Segmentation Delivers Provable Risk Reduction and ROI
Zero Trust Segmentation

Illumio Zero Trust Segmentation Delivers Provable Risk Reduction and ROI

Read how Illumio Zero Trust Segmentation delivers 111% ROI based on the new Forrester TEI study.

Read more

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?

Learn more